thefts and encrypted FS (Re: what dose this do)
Jeroen de Haas
dajero at dajero.nl
Sun Sep 28 09:54:49 UTC 2008
On Sat, 2008-09-27 at 11:06 -0700, Wolfgang S. Rupprecht wrote:
> > Short answer: It'll make it very hard for people with physical access to
> > boot your computer and read personal files (possibly containing
> > passwords or other sensitive information).
>
> True, but that will also make it hard for the laptop to call home for
> help if it gets stolen. Just something to think about.
>
> After fretting about this for a while, I decided it was more important
> for the laptop to boot than for it to have everything encrypted. I
> want my laptop to boot and contact my server so that I can see which
> IP address it has popped up at. I'm sure the detectives at my local
> police station would be interested too. They don't often get to catch
> thieves red-handed like that. Most thefts around here go unsolved.
>
> I was too disorganized when I installed F9 to break /home out into a
> separate filesystem. If I had done that I could have encrypted /home
> yet left the root FS intact. Come to think of it, I do have
> everything under LVM, so I suppose I could still break out /home and
> encrypt the user stuff.
>
> -wolfgang
> --
> Wolfgang S. Rupprecht http://www.full-steam.org/ (ipv6-only)
> You may need to config 6to4 to see the above pages.
>
That is an interesting thought. I like the idea of letting my laptop
contact my server. However, I wonder how it will work out in a real life
situation. How many thieves would be comfortable with using Linux and
network manager to connect to a network? Besides, they would still need
to have a user account on the laptop. Eventually the thief could
succeed, but I doubt whether he/she will go through all the trouble.
I think it is wise to encrypt more than just your home partition.
Swap-, /etc and /tmp partitions will probably contain some personal
information as well.
Jeroen
More information about the fedora-list
mailing list